/*
 * 文件名：MyFilterSecurityInterceptor.java
 * 版权：Copyright by www.wootide.com
 * 描述：自定义安全过滤器
 * 修改人：ozm
 * 修改时间：2013-1-24
 * 跟踪单号：
 * 修改单号：
 * 修改内容：
 */
package com.wootide.ets.sys.security.interceptor;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.springframework.security.access.SecurityMetadataSource;
import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
import org.springframework.security.access.intercept.InterceptorStatusToken;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;

public class MyFilterSecurityInterceptor extends AbstractSecurityInterceptor implements Filter
{
    private FilterInvocationSecurityMetadataSource securityMetadataSource;
    
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain) throws IOException, ServletException
    {
        FilterInvocation fi = new FilterInvocation(request, response, chain);
        invoke(fi);
    }
    
    public FilterInvocationSecurityMetadataSource getSecurityMetadataSource()
    {
        return this.securityMetadataSource;
    }
    
    public Class<? extends Object> getSecureObjectClass()
    {
        return FilterInvocation.class;
    }
    
    
    /**
     * 最核心的代码就是invoke方法中的InterceptorStatusToken token = super.beforeInvocation(fi);这一句，即
                在执行doFilter之前，进行权限的检查，而具体的实现已经交给accessDecisionManager了
     * Description: <br>
     * Implement: <br>
     * @param fi
     * @throws IOException
     * @throws ServletException
     * @see
     * @return void
     * @author develop
     */
    public void invoke(FilterInvocation fi) throws IOException,
            ServletException
    {
        
        InterceptorStatusToken token = super.beforeInvocation(fi);
        try
        {
            fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
        }
        finally
        {
            super.afterInvocation(token, null);
        }
    }
    
    public SecurityMetadataSource obtainSecurityMetadataSource()
    {
        return this.securityMetadataSource;
    }
    
    public void setSecurityMetadataSource(
            FilterInvocationSecurityMetadataSource newSource)
    {
        this.securityMetadataSource = newSource;
    }
    
    public void destroy()
    {
    }
    
    public void init(FilterConfig arg0) throws ServletException
    {
    }
}
